<?php
//****************Include files******************
include_once("codelibrary/inc/variables.php");
include_once("codelibrary/inc/functions.php");


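/**
 * Runs one SQL statement through the legacy mysql extension and returns its result.
 *
 * Halts the script when the statement fails. The driver's error text goes to the
 * server error log rather than the HTTP response, so a failing statement does not
 * reveal table names or SQL fragments to the client.
 *
 * @param string $query SQL text, executed as given; callers must escape every value they embed.
 * @return resource|bool Whatever mysql_query() returned for a successful statement.
 */
function query($query) {
	$res = mysql_query($query);
	if ($res === false) {
		// The statement text is deliberately neither echoed nor logged:
		// the login queries in this file embed the submitted credentials.
		error_log("Query Execution Error: ".mysql_error());
		die("Query Execution Error");
	}
	return $res;
}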

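// Staff sign-in. A staff member authenticates against staff.login / staff.password;
// on a match, $TR_User_Name and $TR_Password are replaced with the owning
// administrator's stored credentials, so the administrator lookup further down
// signs the session in under that account.
if($login_type=="staff") {
	// Escape the submitted values before they are placed inside quoted SQL literals;
	// otherwise a quote character in either field changes the statement itself.
	// NOTE(review): if the include files or magic_quotes_gpc already add slashes to
	// request variables, strip that layer first so each value is escaped exactly once.
	$staff_login = mysql_real_escape_string($TR_User_Name);
	$staff_secret = mysql_real_escape_string($TR_Password);

	$staff_query = "select st.staff_id,st.first_name,st.last_name,ad.username,ad.password from staff as st
				left join administrator_info as ad on st.business_id=ad.business_id
				where st.login='$staff_login' and st.password='$staff_secret'";

	$staff = mysql_fetch_object(query($staff_query));
	if(!$staff) {
		// No staff row matched. Stop here instead of reading properties of false
		// and marking the session as a staff login before anything was verified.
		header("Location:index1.php?logerr=login");
		exit;
	}

	// NOTE(review): the administrator's stored password is read back and reused as
	// the credential for the next lookup, which only works if that column holds the
	// value the login form would submit — confirm how passwords are stored.
	$TR_User_Name= $staff->username;
	$TR_Password= $staff->password;
	$_SESSION['staff_id'] = $staff->staff_id;
	$_SESSION['logintype'] = "staff";
}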


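// Administrator lookup: fetch the account, its package and its business name for
// the supplied username/password pair, then apply the trial-expiry rule.
//
// Both values are escaped before being embedded in SQL. On the staff path they come
// from the database rather than the form, so they still need escaping here.
// NOTE(review): if the include files or magic_quotes_gpc already add slashes to
// request variables, strip that layer first so each value is escaped exactly once.
// NOTE(review): the submitted password is compared directly with the stored column.
// Unless it is hashed before reaching this script, passwords are kept in cleartext;
// password_hash()/password_verify() would be the replacement — confirm upstream.
$login_user_sql = mysql_real_escape_string($TR_User_Name);
$login_pass_sql = mysql_real_escape_string($TR_Password);

// SQL fragment; not used again in this file, presumably read by other scripts.
$wherelogin=" AND username='$login_user_sql'";

$query = "select ad.*,pk.*,bus.companyname from administrator_info as ad
			left join packages as pk on pk.package_id=ad.package_id
			left join business_info as bus on bus.business_id = ad.business_id
			where username='$login_user_sql' and password='$login_pass_sql'
		   ";

// false when no account matched; the reads below then yield null.
$rowlogin=mysql_fetch_array(query($query));

$administrator_id=$rowlogin['administrator_id'];
// NOTE(review): this reads 'accessdays' while the session code later in the file
// reads 'access_days' — confirm which column the joined tables actually expose.
$accessdays=$rowlogin['accessdays'];
$loginretries=$rowlogin['loginretries'];
$dateadded=strtotime($rowlogin['dateadded']);

// time() returns the same value as the argument-less mktime() used before,
// without the strict-standards notice that call raises.
$currentdate = time();

// Age of the account in days.
$noofdays = ($currentdate-$dateadded)/86400;

// Accounts older than 30 days with a non-zero accessdays value are treated as expired.
if($noofdays > 30 && $accessdays!=0)
{
	  header("Location:index1.php?logerr=expire");
	  exit;
}


// SQL fragment carrying both credentials; not used again in this file.
$where_login=" AND username='$login_user_sql' AND password='$login_pass_sql'";
$row_login=$rowlogin;
$administrator_id=$row_login['administrator_id'];
$business_id=$row_login['business_id'];
// NOTE(review): $REMOTE_ADDR, $time and $date are not assigned in this file; they
// presumably come from the include files or register_globals. Confirm that
// $REMOTE_ADDR cannot be supplied by the request before trusting it in the audit trail.
$loginip=$REMOTE_ADDR;
$logintime=$time;
$traildate=$date;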


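//Concurrent sign-in guard: an account that recorded a session within the last two
//minutes is refused; otherwise the current session id and time are stored on the account.
//NOTE(review): the session id is not regenerated anywhere in this file when a login
//succeeds. Because the id is persisted here, any session_regenerate_id() call would
//have to run before this point — confirm where the session is started.

	$session = session_id();
	$mktime = time(); // same value as the argument-less mktime() used before

	// Only touch the account when the lookup actually matched one; previously a failed
	// login still issued an UPDATE with an empty administrator_id.
	if($rowlogin) {
		if($rowlogin['sessionid']=='' || $rowlogin['lastlogin'] <= ( $mktime-(60*2) ) ) {
			// The session id originates from the client's cookie, so it is escaped like any other input.
			$session_sql = mysql_real_escape_string($session);
			$admin_id_sql = mysql_real_escape_string($administrator_id);
			$sessionquery = "update administrator_info set lastlogin ='".$mktime."', sessionid='$session_sql' where administrator_id='$admin_id_sql'";
			if(!mysql_query($sessionquery)) {
				// Keep driver error text in the server log, not in the response.
				error_log("Session update failed: ".mysql_error());
				die("Query Execution Error");
			}
		} else {
			/* echo '<script>location.href="login.php?logerr=userlogged"</script>';  */
			header("Location:index1.php?logerr=userlogged");
			exit;
		}
	}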

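//Re-directing the admin back to login page on login failure
if(!$row_login)
{
	// NOTE(review): the account lookup requires a matching password, so on this path
	// $administrator_id is empty and the UPDATE below matches no row; the retry counter
	// does not appear to advance for real accounts. Counting failures per username
	// (and throttling on that count) would need a lookup by username alone — confirm intent.
	$retries=$loginretries+1;
	$retry_admin_id=mysql_real_escape_string($administrator_id);
	$query="update $administrator_info_table set loginretries='$retries' where administrator_id='$retry_admin_id'";
	if(!mysql_query($query)) {
		// Driver error text stays in the server log instead of the response.
		error_log(mysql_error().'not added to admin info table');
		die('not added to admin info table');
	}
	header("Location:index1.php?logerr=login");
	exit; // stop after the redirect, as the other redirects in this file do
}
//Setting sessions on Successful Login
else
{
	$lastlogin=date("Y-m-d H:i:s"); // server-local time; adjust if the server sits in another time zone

	// session_register() was deprecated in PHP 5.3 and removed in 5.4. The $_SESSION
	// assignment below stores the same value, so the call is made only where it exists.
	if(function_exists('session_register')) {
		session_register("sess_user_name");
	}

	$sess_user_name=$row_login["username"];

	$_SESSION['sess_user_name'] = $row_login["username"];
	$_SESSION['username']=$row_login["username"];
	$_SESSION['administrator_id']=$row_login["administrator_id"];
	$_SESSION['business_id']=$row_login["business_id"];
	// NOTE(review): the account password is copied into session storage. Nothing in this
	// file reads it back; if no other page needs it, drop this assignment so the
	// credential is not kept in session files — confirm against the rest of the site.
	$_SESSION['password']=$row_login["password"];
	$_SESSION['accesstype']=$row_login["accesstype"];
	$_SESSION['companyname'] = $rowlogin['companyname'];
	$_SESSION['dateadded'] = $rowlogin['dateadded'];
	$_SESSION['access_days'] = $rowlogin['access_days'];
	$_SESSION['staff_limit'] = $rowlogin['staff_limit'];

	// Super administrators go straight to their own home page; no login trail row
	// and no setup-wizard check is performed for them.
	if($row_login['accesstype']=='superadmin')
	{
		header("Location:super-home.php");
		exit;
	}

	$_SESSION['package_name'] = $rowlogin['package_name'];

	$session_id = session_id();

	// Record the sign-in in the login trail. Every value is escaped before being embedded.
	$trail_date_sql=mysql_real_escape_string($traildate);
	$trail_admin_sql=mysql_real_escape_string($administrator_id);
	$trail_time_sql=mysql_real_escape_string($logintime);
	$trail_ip_sql=mysql_real_escape_string($loginip);
	$insert_sql="insert into $administrator_login_trail_table(traildate, administrator_id, logintime,logouttime,loginip) values('".$trail_date_sql."', '".$trail_admin_sql."', '".$trail_time_sql."', '', '".$trail_ip_sql."')";
	if(!mysql_query($insert_sql)) {
		// The trail write stays best-effort, but a failure is no longer silent.
		error_log("Login trail insert failed: ".mysql_error());
	}

	$sess_trail_id=(int)mysql_insert_id();
	$_SESSION["sess_trail_id"] = $sess_trail_id;

	// Read the trail row back; $U_ID is not used again in this file.
	$Q=mysql_query("Select * from $administrator_login_trail_table where trailid=$sess_trail_id");
	$R=$Q ? mysql_fetch_array($Q) : false;
	$U_ID=$R ? $R['administrator_id'] : null;

	//** Decide whether the Setup Wizard (step1.php) or the site administration pages open **/
	// Each lookup goes through query(), which halts on a database error. Before, a failed
	// lookup counted as "no rows" and led to the appointment_setting DELETE below.
	$business_id_sql=mysql_real_escape_string($business_id);

	$step1_sql="select * from setup_wizard where business_id='$business_id_sql'";
	$step1_query=query($step1_sql);
	$step1_rows=mysql_num_rows($step1_query);

	$step2_sql="select * from hours_management where business_id='$business_id_sql'";
	$step2_query=query($step2_sql);
	$step2_rows=mysql_num_rows($step2_query);

	$step3_sql="select * from services where business_id='$business_id_sql'";
	$step3_query=query($step3_sql);
	$step3_rows=mysql_num_rows($step3_query);

	$step4_sql="select * from staff where business_id='$business_id_sql'";
	$step4_query=query($step4_sql);
	$step4_rows=mysql_num_rows($step4_query);

	$setup_done=($step1_rows>0 && $step2_rows>0 && $step3_rows>0 && $step4_rows>0);

	// Staff sign-in with a fully configured business: go to the reports page.
	if(isset($_SESSION['staff_id']) && $_SESSION['staff_id']!='' && $setup_done)
	{
		$_SESSION['setup_complete'] = 1;
		header("Location:reports-view-details.php");
		exit;
	}

	if($setup_done)
	{
		$_SESSION['setup_complete'] = 1;
		$_SESSION['logintype'] = "admin";
		header("location:make-appointment.php?trail_id=$sess_trail_id");
		exit;
	}
	else
	{
		$_SESSION['setup_complete'] = 0;
		// Setup is incomplete: the business's appointment settings are cleared
		// before the wizard restarts at step 1.
		$query = "delete from appointment_setting where business_id = '$business_id_sql'";
		if(!mysql_query($query)) {
			// Keep the driver error and statement text out of the response.
			error_log("appointment_setting cleanup failed: ".mysql_error());
			die("Query Execution Error");
		}

		header("location:step1.php?trail_id=$sess_trail_id");
		exit;
	}

}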
?>